Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,361 advisories

Loading
The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins... Critical Unreviewed
CVE-2016-15042 was published Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2020-36842 was published Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all... High Unreviewed
CVE-2024-8918 was published Oct 16, 2024
The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions... Critical Unreviewed
CVE-2021-4443 was published Oct 16, 2024
The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed
CVE-2021-4449 was published Oct 16, 2024
An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote... Critical Unreviewed
CVE-2024-48781 was published Oct 15, 2024
File Upload vulnerability in DYCMS Open-Source Version v2.0.9.41 allows a remote attacker to... Critical Unreviewed
CVE-2024-48782 was published Oct 15, 2024
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-9975 was published Oct 15, 2024
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads.... Critical Unreviewed
CVE-2024-9985 was published Oct 15, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing... High Unreviewed
CVE-2024-9981 was published Oct 15, 2024
A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0.... Moderate Unreviewed
CVE-2024-9904 was published Oct 13, 2024
A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1... Moderate Unreviewed
CVE-2024-9903 was published Oct 13, 2024
angular-base64-upload vulnerable to unauthenticated remote code execution Critical
CVE-2024-42640 was published for angular-base64-upload (npm) Oct 11, 2024
rvizx
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang... Critical Unreviewed
CVE-2024-46088 was published Oct 11, 2024
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as... Moderate Unreviewed
CVE-2024-9855 was published Oct 11, 2024
A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as... Moderate Unreviewed
CVE-2024-9815 was published Oct 11, 2024
A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical.... Moderate Unreviewed
CVE-2024-9816 was published Oct 11, 2024
A vulnerability, which was classified as critical, has been found in Codezips Online Shopping... Moderate Unreviewed
CVE-2024-9794 was published Oct 10, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of... High Unreviewed
CVE-2024-47423 was published Oct 9, 2024
InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with... High Unreviewed
CVE-2024-45136 was published Oct 9, 2024
InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File... High Unreviewed
CVE-2024-45137 was published Oct 9, 2024
Livewire Remote Code Execution on File Uploads High
CVE-2024-47823 was published for livewire/livewire (Composer) Oct 8, 2024
angelej RChutchev
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a... High Unreviewed
CVE-2024-37179 was published Oct 8, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form – Contact Form... High Unreviewed
CVE-2024-47319 was published Oct 5, 2024
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file... Moderate Unreviewed
CVE-2024-9417 was published Oct 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database